July 18, 2022 | Mitigating Apache Spark UI CVE-2022-33891

Overview On July 18th, Apache Spark released an official statement regarding a newly found vulnerability within Apache Spark's ACL implementation (tracked via CVE-2022-33891, which, at the time of this article’s publishing, has not yet received a ...
Read More »

June 2, 2022 | Mitigating Confluence RCE CVE-2022-26134

Overview On June 2nd, Atlassian published a security advisory for a critical vulnerability (CVE-2022-26134) that has been allowing unauthenticated attackers to execute arbitrary code in Atlassian's Confluence Server and Data Center. This unpatched...
Read More »

May 18, 2022 | Mitigating VMWare Critical Vulnerabilities

Overview On May 18th, 2022, VMWare published a security advisory (VMSA-2022-0014) with a CVSS base score of 9.8/10 that includes a more severe authentication bypass vulnerability (CVE-2022-22972) in addition to a privilege escalation vulnerability...
Read More »